Today I listened to a recording of Paul Cooke posted at MyitForum, Director in the Windows Client division specializing in security, where he discusses BitLocker Drive Encryption, and how it has been extended in Windows Vista SP1.
Its been a while since I’d read anything on bitlocker. Since GuardianEdge did a number on my laptop I am interested to see if its worth continuing with GE if we ever upgrade to Vista.
SP1 enhancements:
- Can now require TPM, PIN and USB all together.
- Can now encrypt data volumes instead of only the OS/primary volume.
TPM 1.2 is required (if you use the TPM option). That sounds like quite a hassle, making sure the TPM chip is enabled on the computers that are coming in.
Recovery involves a 48 digit PIN. That sounds like a real joy to read off to the end user. What rights does the helpdesk need to access that number anyway? With our current product while you are reading off numbers to the user, there is a check digit returned to verify correct entry.
Posts tagged ‘GuardianEdge’
Bitlocker podcast with Paul Cook
Guardian Edge Hard Disk Encryption 8.7 , SEP 11 and IP6 over IP4
I am planning to upgrade to Guardian Edge Hard Disk Encryption 8.7. Its been over a year since we deployed 8.2.4 and I wanted to get some of the assorted fixes out to our computers.
While reading the release notes, I noticed a known issue with Symantec Endpoint Protection 11.
“Following the installation of GuardianEdge
Hard Disk on the Client Computer, a
Network Threat Protection message may
be displayed, alerting the end user to a
change in the EAFRCliADSI application.”
The solution is to allow IP6 over IPv4.
Personally I am not a big fan of this solution. Until I have a personal firewall that works with IPv6, I think we should default deny it. Until there is a need for IPv6, we should default deny it.
The solution doesn’t adequately explain the problem to me. I don’t use SEP11 to monitor what applications can go out (management overruled me). I’m thinking users would never be alerted if an application changed. Thus their workaround should be unnecessary.
I called support but that only resulted in a guy reading the release note back to me. I guess I’m going to upgrade the server and install 8.7 on my computer and see what happens.
Managing Emotions Under Pressure – part 2
This is part 2 of a series posts reflecting on a Fred Pryor class titled Managing Your Emotions Under Pressure.
There is more pressure than ever in the workplace. There is just a lot of information to absorb and a lot of tasks to perform. Most of my readers will understand that. They use RSS feeds to sip from the firehose of information that is the Internet. Many of my readers will like me be in Information Security. We’ve got to stay one step ahead of a motivated attacker and protect the business even when the users don’t want to be protected.
Pressure can lead to overreacting emotionally. Overreacting emotionally can have great negative effect on the career.
We’re supposed to be always learning and building our skills. Skills aren’t just picking up another certification, or studying up on the benefits/drawbacks of bitlocker when compared to GuardianEdge. Skills include managing your emotions.
Doing so isn’t easy. Stephen Covey says it takes 6 times to learn and 21 times for it to become a habit. Making changes could be a lifelong effort.
